Siemens' Control Systems Are Vulnerable to HackingAdded: Friday, August 12th, 2011
Category: Bit Torrent Freedom > The Right To Share
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2010, www.extrattorrent.com
The industry experts claim that they have found out that Siemens’ industrial control systems, upon which the world's infrastructure depends, have a lot of vulnerabilities.
According to the report of an insecurity expert, the vulnerabilities are found in Siemens’ programmable logic controllers, also known as PLCs. In fact, it is the same gear that was targeted by the Stuxnet worm, which brought the Iranian nuclear program to its knees. In addition, they are used in nuclear facilities and other critical infrastructures, like commercial manufacturing factories producing everything from pharmaceuticals to automobiles.
One of the world’s best known security researcher has recently claimed that he had even found a hard-coded username and password allowing attackers reprogram the Siemens’ systems with malicious commands. Moreover, the researcher explained that he could log in via telnet and http, which enabled him to dump memory, delete files and execute commands. The insecurity researcher who has discovered all those vulnerabilities, was planning to discuss some of the above mentioned vulnerabilities at TakeDownCon in Texas this past spring, but later took a decision to pull the talk, because Department of Homeland Security and Siemens Corporation were already worried about the material.
However, since this past May, the researcher has discovered more holes enabling the hackers to bypass authentication protection in programmable logic controllers and either easily reprogram them, or issue a "stop" command to halt the PLCs. Indeed, all of them demand that the attacker has access to the network on which programmable logic controllers run. However, that was the same problem that Stuxnet had, which didn’t stop it.
Beresford, the insecurity researcher, responsible for the information, has been cooperating with DHS's Industrial Control Systems Cyber Emergency Response Team, also known as ICS-CERT. Together they worked over validating and disclosing different vulnerabilities, and now they plan to withhold some data, along with actual exploit code, until the international corporation Siemens has a chance to patch the vulnerabilities that it finds able to be fixed.
August 12th,2011Posted by:
Friday, August 12th, 2011
|posted by (2011-08-12 19:54:58)|
|Do these people not have their own insecurity experts? If not why not, and if yes then they should be fired......from a very large cannon!|
|WTF? What isn't mentioned to even get to these controllers you have to crack the controlling network that accesses them and the computers that issue instructions?|
My real concern is why the hell is these PLC's even accessible from off site?
As for a compromised nuclear systems; shut it down and reboot with backup servers after physically isolating the compromised one's first..
|Sooner or later the whole world will be in the hacker palm.|
|posted by (2011-08-13 16:54:25)|
|"In addition, they are used in nuclear facilities and other critical infrastructures, like commercial manufacturing factories producing everything from pharmaceuticals to automobiles."|
no nukes if they attack it, and no painkillers for the headache its gonna cause, you'd think a corp like siemens would sort there security out, seen as there looking after nuke stuff??
SaM, your news is much more interesting than the rest of the net, keep up the good work mate
Most Popular Stories